GRC Senior Analyst/ Specialist

Grc Senior Analyst And Specialist

Core Activities

• Provide expert consultation on Governance, Risk, and Compliance (GRC) matters.
• Review, assess, and enhance enterprise cybersecurity architecture.
• Conduct reviews of QCSF evidence and provide compliance recommendations.
• Deliver cybersecurity consultancy and practical security solutions to internal stakeholders.
• Identify cybersecurity risks and recommend mitigation strategies.
• Support the implementation of cybersecurity policies, standards, and best practices.
• Collaborate with business and technical teams to improve cybersecurity posture.
• Prepare reports, assessments, and recommendations for management.
• Stay updated with emerging cybersecurity threats, technologies, and regulatory requirements.

Key Responsibilities

• Act as a subject matter expert for cybersecurity governance, risk, and compliance.
• Review and improve enterprise cybersecurity architecture to ensure alignment with business and security objectives.
• Evaluate compliance against the Qatar Cyber Security Framework (QCSF) and recommend corrective actions.
• Provide strategic cybersecurity guidance to stakeholders across the organisation.
• Develop and recommend cybersecurity controls and solutions based on risk assessments.
• Support cybersecurity audits, assessments, and compliance activities.
• Ensure cybersecurity initiatives align with organisational policies and industry standards.
• Produce high-quality documentation, reports, and technical recommendations.
• Mentor stakeholders on cybersecurity best practices where required

Education

• Bachelor's or Master's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related discipline.

Experience

• Minimum of 10 years' experience in cybersecurity, with strong expertise in Governance, Risk & Compliance (GRC), enterprise cybersecurity architecture and regulatory compliance.

Skills & Competencies

• Strong knowledge of Governance, Risk & Compliance (GRC) frameworks.
• Extensive experience with Enterprise Cybersecurity Architecture.
• Thorough understanding of the Qatar Cyber Security Framework (QCSF).
• Strong cybersecurity consulting and advisory skills.
• Excellent analytical and problem-solving abilities.
• Ability to assess risks and recommend effective security solutions.
• Excellent communication, stakeholder management, and report-writing skills.
• Ability to work independently and collaboratively within multidisciplinary teams.
• Strong understanding of international cybersecurity standards and best practices.

Language Proficiency

• Proficiency in English & Arabic is required.